Hi,
At 23.44 10/12/2005, Mike Diggins wrote:
I'm running Squid V2.5Stable10 and Samba 3.0.14a using NTLM
authentication and configured according to the FAQ (Winbind).
So, I assume here that you are using Samba's ntlm_auth.
All is working great except the PDC Admin has told me that all my
authentications are occurring against only one of the two domain
controllers. So, my question is likely to do with Samba, but does
anyone know the correct config to make that happen? My current
smb.conf looks like this:
[global]
workgroup = AP1
winbind uid = 10000-20000
winbind gid = 10000-20000
encrypt passwords = yes
security=domain
What kind of domain ? NT 4 or Active Directory ?
If Active Directory you should use "security=ads"
password server = as6.ad.McMaster.CA, as7.ad.mcmaster.ca
This should never needed: usually Samba find by itself the right DC.
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
preferred master = False
local master = No
domain master = False
log file = /var/log/samba.log
Note: the domain is called AP1, the two domain controllers are as6
and as7. I'm told that all my authentications are going to as6 but
switching the order doesn't seem to help. I'd like them both to be
used as well as provide redundancy should one fail.
Any advice would be appreciated.
Do you are using "auth_param ntlm use_ntlm_negotiate on" in squid.conf ?
Enabling NTLM Negotiate changes the way how the authentication process work.
Regards
Guido
-
========================================================
Guido Serassio
Acme Consulting S.r.l. - Microsoft Certified Partner
Via Lucia Savarino, 1 10098 - Rivoli (TO) - ITALY
Tel. : +39.011.9530135 Fax. : +39.011.9781115
Email: guido.serassio@xxxxxxxxxxxxxxxxx
WWW: http://www.acmeconsulting.it/
